Security Suggestion In Elasticsearch

Hi,
I am trying to deploy my ES server in Digital ocean. But Digital ocean had
some hacker attack as i didn't add any security to ES, So they blocked my
droplet and gave me warning. So i tried to find out how can i secure my ES
server. I have found out that Shield , using proxy or some other ways can
be solution. But i am confused. What is the best option (to secure ES) i
have right now.

  1. I have one ES server (i may add more in future)
  2. One server that run the java code. From this server i do all ES
    operation.
  3. There are some more servers like postgresql, gearman but i think these
    are not relevant here.

Thanks in advance.

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/4aa2f9f8-b4b7-4ce3-8ff3-66c3304d64a5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

The rule is not new. Do not expose Elasticsearch to the public internet,
just like Postgresql and Gearman.

Jörg

On Tue, Mar 31, 2015 at 8:45 AM, Shohedul Hasan shakil@qianalysis.com
wrote:

Hi,
I am trying to deploy my ES server in Digital ocean. But Digital ocean
had some hacker attack as i didn't add any security to ES, So they blocked
my droplet and gave me warning. So i tried to find out how can i secure my
ES server. I have found out that Shield , using proxy or some other ways
can be solution. But i am confused. What is the best option (to secure
ES) i have right now.

  1. I have one ES server (i may add more in future)
  2. One server that run the java code. From this server i do all ES
    operation.
  3. There are some more servers like postgresql, gearman but i think these
    are not relevant here.

Thanks in advance.

--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/4aa2f9f8-b4b7-4ce3-8ff3-66c3304d64a5%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/4aa2f9f8-b4b7-4ce3-8ff3-66c3304d64a5%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/CAKdsXoFZZbQ9x6MkdUC-TkCUHpfSh3Sieh1Rk_PE9YuwwSQvuw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Shield would be the best.
But you can also use iptables and nginx to secure and proxy things.

On 31 March 2015 at 17:45, Shohedul Hasan shakil@qianalysis.com wrote:

Hi,
I am trying to deploy my ES server in Digital ocean. But Digital ocean
had some hacker attack as i didn't add any security to ES, So they blocked
my droplet and gave me warning. So i tried to find out how can i secure my
ES server. I have found out that Shield , using proxy or some other ways
can be solution. But i am confused. What is the best option (to secure
ES) i have right now.

  1. I have one ES server (i may add more in future)
  2. One server that run the java code. From this server i do all ES
    operation.
  3. There are some more servers like postgresql, gearman but i think these
    are not relevant here.

Thanks in advance.

--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/4aa2f9f8-b4b7-4ce3-8ff3-66c3304d64a5%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/4aa2f9f8-b4b7-4ce3-8ff3-66c3304d64a5%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/CAEYi1X-Z6qH%2Bmh9Z7GB2UMChB6bwBrt-6tU_uVJWRGCy9c_gQg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Do i have to use both of iptable and nginx. Another thing what is about
elasticsearch-jetty, will it be better than nginx? I didn't know that
shield is not free.

On Tuesday, March 31, 2015 at 1:43:25 PM UTC+6, Mark Walkom wrote:

Shield would be the best.
But you can also use iptables and nginx to secure and proxy things.

On 31 March 2015 at 17:45, Shohedul Hasan <sha...@qianalysis.com
<javascript:>> wrote:

Hi,
I am trying to deploy my ES server in Digital ocean. But Digital ocean
had some hacker attack as i didn't add any security to ES, So they blocked
my droplet and gave me warning. So i tried to find out how can i secure my
ES server. I have found out that Shield , using proxy or some other ways
can be solution. But i am confused. What is the best option (to secure
ES) i have right now.

  1. I have one ES server (i may add more in future)
  2. One server that run the java code. From this server i do all ES
    operation.
  3. There are some more servers like postgresql, gearman but i think these
    are not relevant here.

Thanks in advance.

--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearc...@googlegroups.com <javascript:>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/4aa2f9f8-b4b7-4ce3-8ff3-66c3304d64a5%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/4aa2f9f8-b4b7-4ce3-8ff3-66c3304d64a5%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/4f8191d4-750e-4574-b3fb-f6375b3f4b19%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

You don't need to use both, no. I've heard of people using
elasticsearch-jetty successfully, but it appears to have been unmaintained
for a while now.

And yes, Shield is a commercial plugin, you can try it free for 30 days
though.

On 2 April 2015 at 16:09, Shohedul Hasan shakil@qianalysis.com wrote:

Do i have to use both of iptable and nginx. Another thing what is about
elasticsearch-jetty, will it be better than nginx? I didn't know that
shield is not free.

On Tuesday, March 31, 2015 at 1:43:25 PM UTC+6, Mark Walkom wrote:

Shield would be the best.
But you can also use iptables and nginx to secure and proxy things.

On 31 March 2015 at 17:45, Shohedul Hasan sha...@qianalysis.com wrote:

Hi,
I am trying to deploy my ES server in Digital ocean. But Digital ocean
had some hacker attack as i didn't add any security to ES, So they blocked
my droplet and gave me warning. So i tried to find out how can i secure my
ES server. I have found out that Shield , using proxy or some other ways
can be solution. But i am confused. What is the best option (to secure
ES) i have right now.

  1. I have one ES server (i may add more in future)
  2. One server that run the java code. From this server i do all ES
    operation.
  3. There are some more servers like postgresql, gearman but i think
    these are not relevant here.

Thanks in advance.

--
You received this message because you are subscribed to the Google
Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to elasticsearc...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/
msgid/elasticsearch/4aa2f9f8-b4b7-4ce3-8ff3-66c3304d64a5%
40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/4aa2f9f8-b4b7-4ce3-8ff3-66c3304d64a5%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/4f8191d4-750e-4574-b3fb-f6375b3f4b19%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/4f8191d4-750e-4574-b3fb-f6375b3f4b19%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/CAEYi1X-QmpZagpGE-jJuiwXJM0KWVY6vBBHuZe5rCvb5zMZsAQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.